'No respect for users, no precise answers:' Facebook privacy policies slammed by Belgian watchdog

Reuters / Dado Ruvic
A Belgian privacy watchdog says that Facebook is flouting European privacy laws by tracking people without their consent, including those who have not even registered with the social networking site.

The Belgian Privacy Protection Commission (CPVP/CBPL) launched the scathing attack after carrying out an investigation into the US tech giant’s practices. Preliminary recommendations were published on Friday.

Facebook would not explain in detail how it uses the data it collects from individuals online and there are also problems with plug-ins, some of which can affect people who don’t even have a Facebook account, the commission said. One of the plug-ins under scrutiny was the ‘Like’ button.

The social network, the commission noted, has the power to link the browsing habits of internet users to their interactions on the net and other personal data including medical information, and sexual or religious and political preferences.

“Facebook tramples on European and Belgian privacy laws. Facebook has shown itself particularly miserly in giving precise answers,” said the data protection authority.

It is “make or break time” for Facebook, the CBPL said, concluding that the giant treats the privacy of its users “without respect.”

READ MORE: Fact: Facebook tracks non-users - says 'fix already underway'

As a recommendation, the commission now insists that Facebook gets explicit consent from users and that its current measures are insufficient and not exempt under EU law.EU privacy laws state that prior consent must be obtained before performing tracking unless it is necessary either to connect to the service or deliver something specifically requested by the user.

The watchdog also said that Facebook should only track users when they are logged in and not when logged out, and that the social network must use cookies that expire after a certain period of time.

Users were also advised to install privacy software such as Ghostery or Disconnect browser extensions.

Facebook already regulated

In response, Facebook questioned the authority of the Belgian watchdog and said it was already regulated by Irish law, the site of its European headquarters.

"Facebook is already regulated in Europe and complies with European data protection law, so the applicability of the CBPL's efforts are [sic] unclear," said a spokeswoman for the company.

Ireland has come under fire from other EU states for its lax laws on data protection and corporate taxation designed to attract big multi-national companies.

READ MORE: 25,000 angry users: Facebook privacy class action lawsuit to be heard by European court

Although the Belgian data protection watchdog doesn’t have the power to fine Facebook it can initiate lawsuits if breaches in the law are found.

The comments of the Belgian commission come at a time of growing mistrust in Europe over the practices of US technology companies and what they do with their users’ data.

Google has had to change its privacy policies following investigations by several European authorities after the EU’s highest court ordered it to remove links to information updates, which came up from searches for people’s names. The European Commission also launched a broader anti-trust case against the search giant last month.

Facebook is also being investigated by the Dutch data protection agency and a pan European data protection working party under Article 29 of the European Commission, which may result in the establishment of an EU-wide data regulator.

Some in the EU believe that US technology firms are too dominant, discourage European start-ups and jeopardize privacy laws, while in the US some reckon Europe is throwing up protectionist barriers to successful US technology companies.